Authentication mechanism

ABSTRACT

A computer-implemented method for preventing password leakage into a non-password field includes detecting that a user of an electronic device has entered a character in a non-password field appearing on a display associated with the electronic device. The character is echoed to at least the display, and stored to provide a stored character string. The stored character string is compared to a set of valid entries for the non-password field, when length of the stored character string reaches a predetermined threshold value. An alert is transmitted when the stored character string fails to match at least a substring of an element of the set of valid entries for the non-password field.

FIELD OF THE INVENTION

The present invention relates generally to preventing unauthorizedaccess to computer-based resources and in particular to minimizing theopportunity for password theft through prevention of password leakageinto non-password fields.

BACKGROUND OF THE INVENTION

In order to control access to computer-based resources, identificationand authentication steps are often undertaken to help ensure that aparticular access is appropriate. These steps are often embodied in alogin name and password paradigm. A potential user is generally requiredto provide a legitimate login name in a dedicated login name field,followed by the entry of a password associated with the user and knownto the resource being accessed. Of course, the resource being accessedmay simply be the user's own computing device, with login restrictionsapplied to forestall unauthorized use.

The login name and password entry process is perhaps even more desirablein controlling remote access to resources. Because of the ubiquitousnature of Internet access, employees often find themselves working fromremote locations where access to corporate, network-based resources isessential to productivity. Connection to an enterprise network is oftenobtained using a VPN, or Virtual Private Network, over whichcommunications may be encrypted to enhance security. Naturally, in a VPNsetting, or in using any of a number of remote access implementations,identification and authentication of the potential user is desirable inorder to maintain the security of remote access.

Since a user attempting remote access may be in a public place, such asan airport, a coffee shop, a public library, etc., consideration shouldbe given to the threat of theft of login credentials by stealth. Manylogon screens currently implement a protective mode in which the user'slogin name is replaced by non-alphanumeric characters (such asasterisks, for example), immediately after the user types his user nameand exits the login name field. Further protection is often extended tothe password field, where characters entered by the user are notdisplayed at all, but are instead replaced by a non-alphanumericcharacter at the time of character entry. For additional protection inthe password field, an arbitrary or random number of non-alphanumericcharacters are sometimes displayed in response to any character enteredby the user, in order to help conceal the actual password length from anunwanted observer. Of course, if a user should inadvertently attempt toenter a password in a non-password field, the precautions noted abovemay not be available as an aid in safeguarding password security.

SUMMARY

Embodiments in accordance with the present invention disclose a method,computer program product, and system for preventing password leakageinto a non-password field. A computer-implemented method includesdetecting that a user of an electronic device has entered a character ina non-password field appearing on a display associated with theelectronic device. The character is echoed to at least the display, andstored to provide a stored character string. The stored character stringis compared to a set of valid entries for the non-password field, whenlength of the stored character string reaches a predetermined thresholdvalue. An alert is transmitted when the stored character string fails tomatch at least a substring of an element of the set of valid entries forthe non-password field.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS

FIG. 1 is a functional block diagram illustrating a distributed dataprocessing environment, in an embodiment in accordance with the presentinvention.

FIG. 2 depicts a portion of a logon screen in an embodiment inaccordance with the present invention.

FIG. 3 presents another view of a portion of a logon screen in anembodiment in accordance with the present invention.

FIG. 4 depicts a portion of a logon page that includes a security tokenfield, in an embodiment in accordance with the present invention.

FIG. 5 is a flowchart illustrating operational steps of a method thathelps to forestall password leakage in an embodiment in accordance withthe present invention.

FIG. 6 depicts a portion of a logon page illustrating operation in anembodiment in accordance with the present invention.

FIGS. 7A and 7B combine to form a flowchart illustrating operationalsteps in an embodiment in accordance with the present invention, where auser attempts to identify and authenticate to access a resource on aremote device.

FIG. 8 is a functional block diagram of a computer system in anembodiment in accordance with the present invention.

DETAILED DESCRIPTION

Desired aspects in the prevention of password leakage into non-passwordfields include detection of an improper field, and notification of theuser, in order to prevent an unauthorized person from viewing the user'spassword in the clear. In a common scenario during a simple logonprocedure, a user may type his User Name into the proper field, butinadvertently fail to place the cursor in the Password field beforetyping in his password.

This action threatens to expose at least the initial characters of theuser's password. In an aspect in accordance with the present invention,a warning is provided to a user who appears to be typing his passwordinto a non-password field. Typing of a password into a User Name fieldis readily detectable on a logon screen, since the system (a laptop ordesktop computer, for example) to which the user is attempting to gainaccess is well aware of existing valid user names. It is also possibleto detect inadvertent password entry in other situations by implementingadditional field testing. In situations where a web page is involved inidentification and authentication steps, a database on a server computercan aid in forestalling improper password entry.

Example embodiments in accordance with the present invention will now bedescribed in detail with reference to the drawing figures. FIG. 1 is afunctional block diagram illustrating a distributed data processingenvironment, in an embodiment in accordance with the present invention.The distributed data processing environment includes server computer 102and electronic device 104 interconnected over network 106.

Server computer 102 may be a desktop computer, a laptop computer, atablet computer, a specialized computer server, a smartphone, or anyother computer system known in the art. In certain embodiments, servercomputer 102 represents a computer system utilizing clustered computersand components that act as a single pool of seamless resources whenaccessed through network 106, as is common in data centers and withcloud computing applications. In general, server computer 102 isrepresentative of any programmable electronic device or combination ofprogrammable electronic devices capable of executing machine readableprogram instructions and communicating with other computer devices via anetwork. In this embodiment, server computer 102 has the ability tocommunicate with other computer devices to query the computer devicesfor information.

In one embodiment, resource 108 residing in server computer 102 includesremote password application 110. In another embodiment, resource 108does not include remote password application 110, but, in anyconfiguration, resource 108 can communicate with remote passwordapplication 110. Examples of resource 108 can include a website, adatabase, or any remotely accessible medium which can request credentialverification of a user. Remote password application 110 may handle theverification of credentials of the user for resource 108.

In some embodiments, remote password application 110 may receive a username and password for verification from the user of electronic device104. In other embodiments, local password application 112, located onelectronic device 104, may provide a medium between the user ofelectronic device 104 and remote password application 110. Localpassword application 112 may receive input information through variouscomponents of electronic device 104 such as, for example, withoutlimitation, user interface 114, camera 116, and microphone 118. The userof electronic device 104 may utilize user interface 114 for user ID andpassword entry via a keyboard, for example, while camera 116 andmicrophone 118 may be utilized, in some embodiments, to gatheradditional information about the user of electronic device 104 and theenvironment in which electronic device 104 is operating.

In general, network 106 can be any combination of connections andprotocols that can support communications between server computer 102and electronic device 104. Network 106 can include, for example, a localarea network (LAN), a wide area network (WAN), such as the internet, acellular network, or any combination of the preceding, and can furtherinclude wired, wireless, and/or fiber optic connections.

In various embodiments of the present invention, electronic device 104can be a laptop computer, a tablet computer, a netbook computer, apersonal computer (PC), an automated teller machine (ATM), a medicaldevice, a personal digital assistant (PDA), a smartphone, or anyprogrammable electronic device capable of at least receiving inputs andcommunicating with server computer 102 via network 106.

User interface (UI) 114 on electronic device 104 displays informationthat any one of the processes of remote password application 110 orlocal password application 112 may display to a user. User interface 114can be, for example, a graphical user interface (GUI) or a web userinterface (WUI) that displays text, documents, web browser windows, useroptions, application interfaces and instructions for operation. Userinterface 114 also has the ability to receive user inputs for remotepassword application 110 as well as local password application 112.

FIG. 2 depicts a portion of a logon screen in an embodiment inaccordance with the present invention. As can be appreciated from anexamination of FIG. 2, a user has just entered his user name “John” 204in the user name field 202. Normally, the user would then position thecursor in the password field 206, perhaps by using the TAB key on hiskeyboard, or by positioning the cursor in the password field 206 throughmanual cursor movement, then using appropriate cursor control actions(left-clicking or tapping, for example) to make the password field 206the active field.

FIG. 3 presents another view of a portion of a logon screen in anembodiment in accordance with the present invention. As shown in FIG. 3,the user has continued to type the characters “kV7” in the user namefield 202 after typing his user name “John” 204, resulting in thecharacter string “Johnkv7” 302. This may indicate a situation in whichthe user has begun to type his password into the user name field 202.This is a cause for concern, since characters typed into any field otherthan the password field 206 are generally visible to anyone who may belooking over the user's shoulder.

FIG. 5 is a flowchart, generally depicted by the numeral 500,illustrating operational steps of a method that helps to forestallpassword leakage in an embodiment in accordance with the presentinvention. In a situation where a user is attempting to enter his username and password in a logon screen for his device, in step 502 localpassword application 112 inputs, echoes, and stores a character enteredin user name field 202. In general, when an input process “echoes” acharacter, the process may transmit the character to a display device,and perhaps to other destinations as well. Since local passwordapplication 112 has access to valid user names for the user's device,local password application 112 prepares to compare character stringsentered into user name field 202 to ensure that it is a user name, andnot a password, that is being entered.

In order to accomplish this, a character count threshold is determinedand set within local password application 112. In situations where thereare many users, each having a different user name, who are authorized toaccess a particular electronic device, it may be appropriate to set thecharacter count threshold at 5, for example. For a device with arelatively small number of authorized users, a smaller number, such as3, may be more effective. In any event, it is possible to determine anoptimum character count threshold through empirical methods.

A character counter is initialized to zero during startup of localpassword application 112. After a character is input in step 502, thecharacter counter is incremented in the next step (504). The charactercounter value is then tested in step 506 to determine whether thecharacter count has reached the predetermined threshold value. If not(step 506, “no” branch), local password application 112 returns to step502 to input another character. If the character count threshold hasbeen reached (step 506, “yes” branch), the input character string istested in step 508 to determine whether the string is a portion of avalid user name.

If the input character string matches a portion of a valid user name(step 510, “yes” branch), local password application 112 is satisfiedthat the user is, in fact, in the process of entering a valid user name.So the character counter is cleared in step 514, and local passwordapplication 112 returns to step 502 to input another character. In theevent the input character string is not a match for a portion of a validuser name, (step 510, “no” branch), the user name field is cleared andan alert is generated in step 512.

The alert to the user generated in step 512 may take a number of forms.An audible alert, such as a series of beeps, may be generated. Thedisplay of electronic device 104 may be caused to “flash” throughmodulation of display intensity. In addition, an alert message, such as“Invalid User Name,” may be presented on the display. Furthermore, sincedetection of a character string in the user name field that is not partof a valid user name may suggest that a portion of the user's passwordmay have been compromised, another possible alert mechanism may includenotification to the user, based upon properly entered user namecharacters in the user name field, the notification being transmitted bySMS (Short Message Service) message to a mobile phone number associatedwith the user name in a database accessible to local passwordapplication 112. The notification may also be provided by e-mail to ane-mail address associated with the user name. It is also possible thatlocal password application 112 may lock the user out if passwordexposure is suspected, and display a message requiring the user tochange his password.

FIGS. 7A and 7B combine to form a flowchart, generally depicted by thenumeral 700, illustrating operational steps in an embodiment inaccordance with the present invention, where a user attempts to identifyand authenticate to access a resource on a remote device. Such a contextis illustrated in FIG. 1, where, in an example embodiment, a user ofelectronic device 104 wishes to access a resource 108 that is hosted bya server computer 102 accessible over a network, such as network 106.

In an example embodiment, resource 108, which may be, for example, a webpage, transmits a logon page over network 106 to electronic device 104,which is rendered by a browser program resident on electronic device104, so the logon page is visible to the user of electronic device 104and available for suitable interaction. Once communication with the useris established, it is determined whether fingerprinting is in use instep 702 of FIG. 7A. Fingerprinting is a technique that may be utilizedby remote password application 110 to attempt to identify electronicdevice 104 and/or the user of electronic device 104. In an embodiment, a“fingerprinting active” flag may be set, perhaps on both the server 102and the user's electronic device 104, to provide notification thatfingerprinting is in use. Of course, other varieties of globalnotification for fingerprinting activity may also be employed.

In one embodiment, active fingerprinting may be in use, for which userpermission is generally needed. Information related to user hardware isgenerally collectable under active fingerprinting, and usefulinformation such as the Media Access Control (MAC) address associatedwith the user's machine may be determined. Knowing the MAC addresspermits positive identification of the user's hardware. In anembodiment, local password application 112 may collect useful datarelated to the user's device, and forward this information to the remotepassword application 110 resident on server computer 102. Of course,other data collection techniques may be employed, for example, but notlimited to, a scanning utility resident on a user's electronic device104, or an applet pushed to the user's electronic device 104 from servercomputer 102.

Other fingerprinting implementations may also be used in variousembodiments in accordance with the present invention. Browserfingerprinting may provide clues to the user's identity, as may aretrieval of the user's font list. Although this type of fingerprintingmay not positively identify a user's machine, it may allow the list ofpossible user names to be reduced, thus improving efficiency in caseswhere positive identification is difficult. Both biometricidentification and image processing may result in positiveidentification. If the user's electronic device is camera-equipped, itmay be possible to positively identify the user's image throughimage-processing techniques. In cases where the user's machine isequipped with a microphone, the user's voice may be analyzed to arriveat a positive identification of the user, and it may even be possible toanalyze background images and audio to extract some clues related to theuser's hardware or location that may help narrow the list of possibleuser names as suggested above.

If fingerprinting is not is use (step 702, “no” branch), charactersentered in the user name field of the logon page are displayed andechoed to the server computer 102 in step 704. In order to avoid anydisruptive reloading of the logon page, background messaging may be usedto transmit entered characters to the server. One such method that maybe used in various embodiments in accordance with the present inventionis AJAX (Asynchronous JavaScript and XML). Characters may also betransmitted to the server by local password application 112, or througha messaging capability provided through application integrationmiddleware.

It should be noted that the user's electronic device 104 and servercomputer 102 may be connected via network 106 in what is known as a“client-server” relationship. The client-server model is a popularconfiguration for networked computing in which the remotely-locatedcomputer, or server, is designed to share software and data with a localclient that simply needs to establish contact with the server to use itssoftware and data resources. Much effort has been expended to overcomecommunication impediments that may interfere with proper, and perhapsseamless, communication between resources on a client computer andremote resources located on a server. Many of these difficulties can beresolved through “application integration middleware.”

In simple terms, application integration middleware is computer softwarethat resides between the operating system for a particular platform andapplication software providing desirable functionality. Middleware'sprimary purposes are facilitating communication and input/output (I/O)operations among applications. Since incompatibilities among disparateapplications and data structures are regularly encountered both insideand outside the enterprise setting, even in client-server operations,enabling proper communication and I/O is a feature often found inapplication integration middleware. This communication feature mayenable sophisticated messaging between resources that does not disruptforeground operations.

A character counter is incremented in step 706 in order to help trackthe length of an entered character string. The character counter iscleared before first-time character entry begins. Clearing of thecharacter counter may be initiated, for example, by transmission of thelogon page to the user's electronic device 104. In step 708, thecharacter counter is examined to determine whether the character countthreshold has been reached. Character count threshold may be determinedempirically using criteria similar to those discussed in conjunctionwith FIG. 5 above. One of the considerations in choosing a charactercount threshold is balancing the number of characters of a password thatcould potentially be revealed with the likelihood that false matches mayoccur between a valid user name and the character string entered by theuser. In any event, character count threshold is a predetermined valueto which the character counter value is compared.

In the event that the character count threshold has not yet been reached(step 708, “no” branch), input characters continue to be displayed andechoed to the server in step 704. If the character count threshold hasbeen reached (step 708, “yes” branch), the input character string iscompared to the entries in the list of valid user names (step 710). Ifthe input character string matches at least a substring of a valid username (step 712, “yes” branch), the character counter is cleared in step716 and character input resumes in step 704. If there is no match of theinput character string to any substring of a valid user name (step 712,“no” branch), the data entry field is cleared and an alert message istransmitted (step 714) to the user's electronic device 104. The alertmessage may trigger an audible alarm at the user's device, as well asattention mechanisms such as screen flashing and/or one or more warningmessages displayed on the user's device. In addition, warning messagesmay be transmitted via SMS or e-mail to pre-configured recipients, muchas described previously in conjunction with the embodiment illustratedin FIG. 5.

In a situation in which fingerprinting is in use (step 702, “yes”branch), but positive identification cannot be made (step 718, “no”branch), a subset of the list of all valid user names is retrieved instep 720 based upon information acquired from the user's electronicdevice 104. As noted previously, even when positive identification ofuser's hardware (or of the user himself) cannot be achieved throughfingerprinting, the list of possible user names may be capable ofrefinement based upon clues detected during the fingerprinting process.This reduction in size of the list of user names that is considered forcharacter string matches provides some additional efficiencies in thesearch process that would not otherwise be achievable.

Similar to the process in which characters are input when nofingerprinting is in use, characters entered in the user name field ofthe logon page are displayed and echoed to the server computer 102 instep 722 in much the same fashion as is described above for step 704. Acharacter counter is incremented in step 724 in order to help track thelength of an entered character string. The character counter is clearedbefore first-time character entry begins. Clearing of the charactercounter may be initiated, for example, by transmission of the logon pageto the user's electronic device 104. In step 726, the character counteris examined to determine whether the character count threshold has beenreached.

In the event that the character count threshold has not yet been reached(step 726, “no” branch), input characters continue to be displayed andechoed to the server in step 722. If the character count threshold hasbeen reached (step 726, “yes” branch), the input character string iscompared (step 728) to the entries in the reduced-size list of possibleuser names retrieved in step 720. If the input character string matchesat least a substring of an element of the set of possible user names(step 730, “yes” branch), the character counter is cleared in step 732.The process of inputting a character and echoing the character to theserver then resumes in step 722. If there is no match of the inputcharacter string to any substring of a user name from the list (step730, “no” branch), the input character string is then compared to theentire list of valid user names in step 734. If there is a match (step736, “yes” branch), the user name that matched the input characterstring is added to the reduced-size list of possible user names in step738, the character counter is cleared (step 739), and the process ofinputting a character and echoing the character to the server resumes instep 722. If there is no match (step 736, “no” branch) the data entryfield is cleared and an alert message is transmitted (step 740) to theuser's electronic device 104. The alert message may trigger an audiblealarm at the user's device, as well as attention mechanisms such asscreen flashing and/or one or more warning messages displayed on theuser's device. The alert process closely follows the process describedin conjunction with step 714 above.

In the event that fingerprinting successfully achieves a positiveidentification of the user or the user's hardware (step 718, “yes”branch), program flow shifts through exit point B of FIG. 7A to entrypoint B of FIG. 7B, where the user name field is pre-filled with theuser name associated with the identified user (or user's hardware) instep 742. FIG. 6 depicts a portion of a logon page illustratingoperation in an embodiment in accordance with the present invention. Asshown in FIG. 6, the user name field 602 is no longer the active field,as indicated by the user name 604 being grayed out, and the cursor 608being repositioned in the active password field 606. In accordance withother embodiments, the user name field 602 may be totally obscured,although it may be advantageous to display the user name in the clearfor a brief period before obscuring the user name 604, since there maybe more than one authorized user for a given electronic device 104, andit would give the user an opportunity to view the user name to ascertainwhether the proper user name has been entered. It may also be a usefulfeature to re-display the user name if the user “clicks” (or taps, ifthat is appropriate, such as with a touch pad) with the cursorpositioned over the obscured user name field.

If the user name is not correct, and a different user desires to log in,a “DIFFERENT USER?” hyperlink 610 is provided. If the user selects thishyperlink (step 744, “yes” branch), the different user is permitted toenter his user name in the user name field. The entered user name iscompared to user names of the positively identified user, and to usernames associated with authorized users of the positively identifiedhardware, in step 748. If a match is detected (step 750, “yes” branch),then the user name field is locked out (and perhaps grayed out, assuggested above), and the cursor 608 is positioned in the password field606 so that the user may enter his password. In fact, a prompt mayappear, requesting that the user enter his password in this situation,to remind the user that the cursor is now in the password field. Thesame result (step 746) occurs in a case where a different user is notselected (step 744, “no” branch).

On the other hand, if the user name entered by the “different user” doesnot match a user name of the positively identified user, nor match auser name of a user associated with the positively identified hardware(step 750, “no” branch), for security purposes, program flow shiftsthrough exit point A of FIG. 7B to entry point A of FIG. 7A (step 704),the character counter is cleared, and the new user is compelled tofollow the path set aside for situations where fingerprinting is not inuse.

FIG. 4 depicts a portion of a logon page that includes a security tokenfield, in an embodiment in accordance with the present invention. It ispossible that a user may accidentally type his password into a visiblefield on any type of web form, causing risk of password exposure. Often,as described above in various embodiments in accordance with the presentinvention, this field will be the user name field 402, but it couldoccur in various other fields as well, for example, a field 410 forentering a security token number 412. The position of cursor 414 in thesecurity token field 410 indicates that the user may have begun typing apassword in this field.

In situations where the user name 404 has been entered in the user namefield 402, the password 408 has been entered in the password field 406,and the password 408 has already been verified (thus completingidentification and authentication steps), characters entered into thesecurity token field that are not part of the known security token, butare part of the user's password, can be detected and cleared, and asuitable warning provided to the user, using a technique very similar tovarious embodiments outlined above. The foregoing is an example of asystem that has the capability to warn the user when characters areentered in fields in a form where some of the fields may be passwordfields, but the remaining fields are plain text. A warning may occurwhen a user enters characters that cannot possibly belong in a giventext field, thus forestalling a potential password leak. In anembodiment, a warning may occur when the user enters characters in atext field that do not belong to that field, and the characters dobelong to the user's password, preventing a potential password leak.

In an illustrative embodiment, a user enters his user name, which willbe subject to one of the implementations discussed above, which providesan alert when characters that do not belong to any valid user name areentered. Once the user name is completely entered, the user's passwordmay be retrieved from a password repository. Password retrieval may besupported through a repository API (Application Program Interface) thataccepts a user name and returns the user's password. The user enters hisuser name correctly, but then presses TAB accidentally twice, sendingfocus onto the Security Token field 410.

When the user starts typing his password into Security Token field 410,it is determined that a valid user name 404 is present in the user namefield 402 already. This can be accomplished by setting a flag for thesession when user name validation is successfully completed. Then thesystem may continue checking, through a series of messages (AJAXrequests, for example), whether the entered characters are part of theuser's password and not part of the security token itself. Once thenumber of characters entered reaches a character count threshold, theuser is alerted through a warning mechanism.

As noted above in conjunction with the FIG. 7B description, whenfingerprinting positively identifies a user or the user's hardware, theuser name field may be pre-filled, locked out, and the cursor placed inthe password field, perhaps with a prompt requesting that the user enterhis password. In a situation where the user knows that fingerprinting isactive and working properly, and the user attempts to access the logonfor a remote resource and the user name field is not pre-filled, this isa strong indication that the remote site may be fake, since it suggeststhat the fingerprint cannot be properly detected. This may serve as awarning to the user about a potential phishing attack, as the genuinesite would have the capability to detect the user's device, or the userhimself, and pre-fill the user name field.

FIG. 8 is a functional block diagram of a computer system, generallydepicted by the numeral 800, in an embodiment in accordance with thepresent invention. Computer system 800 is representative of bothelectronic device 104, hosting local password application 112, andserver computer 102, hosting resource 108 and remote passwordapplication 110, along with data structures and/or other resources in anillustrative embodiment in accordance with the present invention. Itshould be appreciated that FIG. 8 provides only an illustration of oneimplementation and does not imply any limitations with regard to theenvironments in which different embodiments may be implemented. Manymodifications to the depicted environment may be made.

Electronic device 104 and server computer 102 may include communicationsfabric 802, which provides communications between computer processor(s)804, memory 806, persistent storage 808, communications unit 810, andinput/output (I/O) interface(s) 812. Communications fabric 802 can beimplemented with any architecture designed for passing data and/orcontrol information between processors (such as microprocessors,communications and network processors, etc.), system memory, peripheraldevices, and any other hardware components within a system. For example,communications fabric 802 can be implemented with one or more buses.

Memory 806 and persistent storage 808 are examples of computer readabletangible storage devices. A storage device is any piece of hardware thatis capable of storing information, such as data, program code infunctional form, and/or other suitable information on a temporary basisand/or permanent basis. In this embodiment, memory 806 includes randomaccess memory (RAM) 814 and cache memory 816. In general, memory 806 caninclude any suitable volatile or non-volatile computer readable storagedevice.

Password application 110 or 112 may be stored in persistent storage 808for execution by one or more of computer processors 804 via one or morememories of memory 806. In this embodiment, persistent storage 808includes a magnetic hard disk drive. Alternatively, or in addition to amagnetic hard disk drive, persistent storage 808 can include a solidstate hard drive, a semiconductor storage device, read-only memory(ROM), erasable programmable read-only memory (EPROM), flash memory, orany other computer-readable storage medium that is capable of storingprogram instructions or digital information.

The media used by persistent storage 808 may also be removable. Forexample, a removable hard drive may be used for persistent storage 808.Other examples include optical and magnetic disks, thumb drives, andsmart cards that are inserted into a drive for transfer onto anothercomputer readable storage medium that is also part of persistent storage808.

Communications unit 810, in these examples, provides for communicationswith other data processing systems or devices, including systems anddevices within or controlled by server computer 102. In these examples,communications unit 810 includes one or more wireless network interfacecards. Communications unit 810 may provide communications through theuse of either or both physical and wireless communications links.Computer programs and processes, such as password application 110 or112, may be downloaded to persistent storage 808 through communicationsunit 810, or uploaded to another system through communications unit 810.

I/O interface(s) 812 allows for input and output of data with otherdevices that may be connected to electronic device 104 or servercomputer 102. For example, I/O interface 812 may provide a connection toexternal devices 818 such as a keyboard, keypad, a touch screen, and/orsome other suitable input device, and may also provide a connection tocamera 116 and microphone 118, as illustrated in FIG. 1. Externaldevices 818 can also include portable computer readable storage mediasuch as, for example, thumb drives, portable optical or magnetic disks,and memory cards. Software and data used to practice embodiments of thepresent invention can be stored on such portable computer readablestorage media and can be loaded onto persistent storage 808 via I/Ointerface(s) 812. I/O interface(s) 812 may also connect to a display820. Display 820 provides a mechanism to display data to a user and maybe, for example, a touch screen or a computer monitor.

The programs described herein are identified based upon the applicationfor which they are implemented in a specific embodiment of theinvention. However, it should be appreciated that any particular programnomenclature herein is used merely for convenience, and thus theinvention should not be limited to use solely in any specificapplication identified and/or implied by such nomenclature.

The present invention may be a system, a method, and/or a computerprogram product. The computer program product may include a computerreadable storage medium (or media) having computer readable programinstructions thereon for causing a processor to carry out aspects of thepresent invention.

The computer readable storage medium can be a tangible device that canretain and store instructions for use by an instruction executiondevice. The computer readable storage medium may be, for example, but isnot limited to, an electronic storage device, a magnetic storage device,an optical storage device, an electromagnetic storage device, asemiconductor storage device, or any suitable combination of theforegoing. A non-exhaustive list of more specific examples of thecomputer readable storage medium includes the following: a portablecomputer diskette, a hard disk, a random access memory (RAM), aread-only memory (ROM), an erasable programmable read-only memory (EPROMor Flash memory), a static random access memory (SRAM), a portablecompact disc read-only memory (CD-ROM), a digital versatile disk (DVD),a memory stick, a floppy disk, a mechanically encoded device such aspunch-cards or raised structures in a groove having instructionsrecorded thereon, and any suitable combination of the foregoing. Acomputer readable storage medium, as used herein, is not to be construedas being transitory signals per se, such as radio waves or other freelypropagating electromagnetic waves, electromagnetic waves propagatingthrough a waveguide or other transmission media (e.g., light pulsespassing through a fiber-optic cable), or electrical signals transmittedthrough a wire.

Computer readable program instructions described herein can bedownloaded to respective computing/processing devices from a computerreadable storage medium or to an external computer or external storagedevice via a network, for example, the Internet, a local area network, awide area network and/or a wireless network. The network may comprisecopper transmission cables, optical transmission fibers, wirelesstransmission, routers, firewalls, switches, gateway computers and/oredge servers. A network adapter card or network interface in eachcomputing/processing device receives computer readable programinstructions from the network and forwards the computer readable programinstructions for storage in a computer readable storage medium withinthe respective computing/processing device.

Computer readable program instructions for carrying out operations ofthe present invention may be assembler instructions,instruction-set-architecture (ISA) instructions, machine instructions,machine dependent instructions, microcode, firmware instructions,state-setting data, or either source code or object code written in anycombination of one or more programming languages, including an objectoriented programming language such as Smalltalk, C++ or the like, andconventional procedural programming languages, such as the “C”programming language or similar programming languages. The computerreadable program instructions may execute entirely on the user'scomputer, partly on the user's computer, as a stand-alone softwarepackage, partly on the user's computer and partly on a remote computeror entirely on the remote computer or server. In the latter scenario,the remote computer may be connected to the user's computer through anytype of network, including a local area network (LAN) or a wide areanetwork (WAN), or the connection may be made to an external computer(for example, through the Internet using an Internet Service Provider).In some embodiments, electronic circuitry including, for example,programmable logic circuitry, field-programmable gate arrays (FPGA), orprogrammable logic arrays (PLA) may execute the computer readableprogram instructions by utilizing state information of the computerreadable program instructions to personalize the electronic circuitry,in order to perform aspects of the present invention.

Aspects of the present invention are described herein with reference toflowchart illustrations and/or block diagrams of methods, apparatus(systems), and computer program products according to embodiments of theinvention. It will be understood that each block of the flowchartillustrations and/or block diagrams, and combinations of blocks in theflowchart illustrations and/or block diagrams, can be implemented bycomputer readable program instructions.

These computer readable program instructions may be provided to aprocessor of a general purpose computer, special purpose computer, orother programmable data processing apparatus to produce a machine, suchthat the instructions, which execute via the processor of the computeror other programmable data processing apparatus, create means forimplementing the functions/acts specified in the flowchart and/or blockdiagram block or blocks. These computer readable program instructionsmay also be stored in a computer readable storage medium that can directa computer, a programmable data processing apparatus, and/or otherdevices to function in a particular manner, such that the computerreadable storage medium having instructions stored therein comprises anarticle of manufacture including instructions which implement aspects ofthe function/act specified in the flowchart and/or block diagram blockor blocks.

The computer readable program instructions may also be loaded onto acomputer, other programmable data processing apparatus, or other deviceto cause a series of operational steps to be performed on the computer,other programmable apparatus or other device to produce a computerimplemented process, such that the instructions which execute on thecomputer, other programmable apparatus, or other device implement thefunctions/acts specified in the flowchart and/or block diagram block orblocks.

The flowchart and block diagrams in the Figures illustrate thearchitecture, functionality, and operation of possible implementationsof systems, methods, and computer program products according to variousembodiments of the present invention. In this regard, each block in theflowchart or block diagrams may represent a module, segment, or portionof instructions, which comprises one or more executable instructions forimplementing the specified logical function(s). In some alternativeimplementations, the functions noted in the block may occur out of theorder noted in the figures. For example, two blocks shown in successionmay, in fact, be executed substantially concurrently, or the blocks maysometimes be executed in the reverse order, depending upon thefunctionality involved. It will also be noted that each block of theblock diagrams and/or flowchart illustration, and combinations of blocksin the block diagrams and/or flowchart illustration, can be implementedby special purpose hardware-based systems that perform the specifiedfunctions or acts or carry out combinations of special purpose hardwareand computer instructions.

1-7. (canceled)
 8. A computer program product for preventing password leakage into a non-password field, the computer program product comprising: one or more computer readable tangible storage media and program instructions stored on at least one of the one or more storage media, the program instructions comprising: program instructions to detect that a user of an electronic device has entered a character in a non-password field appearing on a display associated with the electronic device; program instructions to echo the character to at least the display; program instructions to store the character to provide a stored character string; program instructions to compare the stored character string to a set of valid entries for the non-password field, when length of the stored character string reaches a predetermined threshold value; and program instructions to transmit an alert, when the stored character string fails to match at least a substring of an element of the set of valid entries for the non-password field.
 9. The computer program product of claim 8, further comprising: program instructions to determine whether sufficient information has been collected to permit identification of the user of the electronic device or the electronic device itself; and where positive identification of the user or the device cannot be established, program instructions to apply the collected information to reduce the set of valid entries to which the stored character string is compared.
 10. The computer program product of claim 9, wherein program instructions to apply the collected information to reduce the set of valid entries to which the stored character string is compared further comprises: program instructions to evaluate the collected information, and exclude elements of the set of valid entries that are not associated with sufficient characteristics related to the collected information.
 11. The computer program product of claim 8, wherein program instructions to detect that a user of an electronic device has entered a character in a non-password field appearing on a display associated with the electronic device further comprises: program instructions to render content provided to the electronic device by a server; program instructions to determine that a character has been entered in an active field within the rendered content; and program instructions to determine that the active field is a non-password field.
 12. The computer program product of claim 11, wherein program instructions to determine that the active field is a non-password field further comprises: program instructions to determine that the non-password field is a user name field.
 13. The computer program product of claim 8, wherein program instructions to echo the character to at least the display further comprises: program instructions to echo the character to a server, by utilizing background messaging.
 14. The computer program product of claim 8, wherein program instructions to transmit an alert, when the stored character string fails to match at least a substring of an element of the set of valid entries for the non-password field further comprises: program instructions to transmit an alert that includes one or more of an audible alert, a visual alert, and an alert message transmitted to a designated recipient.
 15. A computer system for preventing password leakage into a non-password field, the computer system comprising: one or more computer processors; one or more computer readable storage media; and program instructions stored on the computer readable storage media for execution by at least one of the one or more computer processors, the program instructions comprising: program instructions to detect that a user of an electronic device has entered a character in a non-password field appearing on a display associated with the electronic device; program instructions to echo the character to at least the display; program instructions to store the character to provide a stored character string; program instructions to compare the stored character string to a set of valid entries for the non-password field, when length of the stored character string reaches a predetermined threshold value; and program instructions to transmit an alert, when the stored character string fails to match at least a substring of an element of the set of valid entries for the non-password field.
 16. The computer system of claim 15, further comprising: program instructions to determine whether sufficient information has been collected to permit identification of the user of the electronic device or the electronic device itself; and where positive identification of the user or the device cannot be established, program instructions to apply the collected information to reduce the set of valid entries to which the stored character string is compared.
 17. The computer system of claim 16, wherein program instructions to apply the collected information to reduce the set of valid entries to which the stored character string is compared further comprises: program instructions to evaluate the collected information, and exclude elements of the set of valid entries that are not associated with sufficient characteristics related to the collected information.
 18. The computer system of claim 15, wherein program instructions to detect that a user of an electronic device has entered a character in a non-password field appearing on a display associated with the electronic device further comprises: program instructions to render content provided to the electronic device by a server; program instructions to determine that a character has been entered in an active field within the rendered content; and program instructions to determine that the active field is a non-password field.
 19. The computer system of claim 18, wherein program instructions to determine that the active field is a non-password field further comprises: program instructions to determine that the non-password field is a user name field.
 20. The computer system of claim 15, wherein program instructions to echo the character to at least the display further comprises: program instructions to echo the character to a server, by utilizing background messaging. 